191 matches found
CVE-2025-26519
musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8...
UBUNTU-CVE-2025-26519
musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8...
musl libc 安全漏洞
musl libc is an open source C standard library. It is mainly used for embedded systems and mobile devices, etc. A security vulnerability exists in musl libc, which originates from an attacker triggering an untrustworthy EUC-KR text conversion that can lead to out-of-bounds writes...
CVE-2025-26519
musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8...
CVE-2025-26519
CVE-2025-26519 affects musl libc versions 0.9.13 through 1.2.5 (before 1.2.6). The vulnerability is an out-of-bounds write triggered when iconv converts untrusted EUC-KR text to UTF-8. The connected IBM/NVD entries confirm the affected range and the trigger via EUC-KR text, but do not provide rem...
CVE-2025-26519
musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8...
CVE-2025-26519
musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8...
PT-2025-7175
Name of the Vulnerable Software and Affected Versions musl libc versions 0.9.13 through 1.2.5 Description The issue is related to an out-of-bounds write vulnerability in musl libc when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8. This can be exploited when an...
r09.kr Cross Site Scripting vulnerability OBB-3806283
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
eb5.kr Cross Site Scripting vulnerability OBB-3620996
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
kr-pl-lehmann.net Cross Site Scripting vulnerability OBB-3427299
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
law.daegu.ac.kr Cross Site Scripting vulnerability OBB-3368608
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
K68251873: glibc vulnerability CVE-2019-25013
Security Advisory Description The iconv feature in the GNU C Library aka glibc or libc6 through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read. CVE-2019-25013 Impact A buffer over-read may lead to segmentation fault, causing system...
SUSE CVE-2019-25013
The iconv feature in the GNU C Library aka glibc or libc6 through 2.32, when processing invalid multi-byte input sequences in the EUC-KR encoding, may have a buffer over-read...
wonju1388.kr Cross Site Scripting vulnerability OBB-3144770
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CLSA-2022-1671481209 Fix CVE(s): CVE-2020-27618, CVE-2019-25013
SECURITY UPDATE: buffer overrun in EUC-KR conversion module - debian/patches/any/CVE-2019-25013: skip two bytes when told to skip over the unknown designation, potentially running over the buffer end - CVE-2019-25013 SECURITY UPDATE: hang in the iconv program - debian/patches/any/CVE-2020-27618:...
Amazon Linux 2 : golang-github-kr-pty (ALAS-2022-1864)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1864 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...
orange1.kr Cross Site Scripting vulnerability OBB-2945996
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-36870
Pending Intent hijacking vulnerability in MTransferNotificationManager in Samsung Pay prior to version 5.0.63 for KR and 5.1.47 for Global allows attackers to access files without permission via implicit Intent...
CVE-2022-36872
The CVE-2022-36872 entry describes a Pending Intent hijacking vulnerability in Samsung Pay’s SpayNotification component. Affected are Samsung Pay versions prior to 5.0.63 for Korea and prior to 5.1.47 for Global, where an attacker could access files without permission by exploiting an implicit In...